<!DOCTYPE html>
<html>
<head>
<title>post</title>
<script language="javascript" type="text/javascript">
	/**
	 * Shows or hides the "link", "deskripsi" and "file" rows of the post form
	 * according to which "tipe" radio button is checked.
	 *
	 * @returns {number} 1 for link, 2 for image, 3 for video, 0 when no radio is checked.
	 */
	function showSelected() {
		var SHOW = 'display : block';
		var HIDE = 'display : none';
		var rowIds = ["link", "deskripsi", "file"];
		// One entry per radio button, in form order; each entry lists the style
		// written to the rows named in rowIds.
		var layouts = [
			[SHOW, SHOW, HIDE],
			[HIDE, HIDE, SHOW],
			[SHOW, HIDE, HIDE]
		];
		for (var choice = 0; choice < layouts.length; choice++) {
			if (!document.getElementById("post_form").tipe[choice].checked) {
				continue;
			}
			for (var row = 0; row < rowIds.length; row++) {
				document.getElementById(rowIds[row]).setAttribute('style', layouts[choice][row]);
			}
			return choice + 1;
		}
		return 0;
	}
</script>
</head>
<body onload="showSelected()">
<form id="post_form" action="post.php" method="post" enctype="multipart/form-data">
	<?php
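		/**
		 * Checks that $u has the shape of an absolute http:// or https:// URL.
		 *
		 * This is a format check only. A value that passes must still be escaped for
		 * the context it is written into (HTML attribute, SQL parameter, ...).
		 *
		 * @param mixed $u submitted value
		 * @return int|false 1 when $u matches, 0 when it does not (including non-strings),
		 *                   false if preg_match itself fails
		 */
		function isValid($u) {
			// Request fields can arrive as arrays (name[]=...); those are never a URL.
			if (!is_string($u)) {
				return 0;
			}
			// - "\." : the separator between host labels is a literal dot. Unescaped it
			//   matched any character, so spaces and quotes were accepted in the host.
			// - path : whitespace, double quotes and angle brackets are not legal in a
			//   URL unless percent-encoded, so they are rejected.
			// - D    : "$" matches only at the very end, not before a trailing newline.
			return preg_match('|^https?://[a-z0-9-]+(?:\.[a-z0-9-]+)*(?::[0-9]+)?(?:/[^\s"<>]*)?$|iD', $u);
		}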
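		/**
		 * Builds the embed markup for a YouTube video id.
		 *
		 * The callers in this file check the id's length before calling, so the id is
		 * encoded here rather than trusted: rawurlencode() keeps it inside one URL path
		 * segment and htmlspecialchars() with ENT_QUOTES keeps it inside the
		 * single-quoted attributes. An id made only of letters, digits, "-" and "_"
		 * produces the same markup as before.
		 *
		 * NOTE(review): the markup is a Flash <object> loaded over http://. Flash is no
		 * longer supported by browsers, so this embed probably needs replacing.
		 *
		 * @param string $v video id taken from the submitted link
		 * @return string HTML fragment
		 */
		function showUtube($v) {
			$src = htmlspecialchars('http://www.youtube.com/v/' . rawurlencode($v), ENT_QUOTES);
			return "<br /><object width='425' height='350' data='" . $src . "' type='application/x-shockwave-flash'> <param name='src' value='" . $src . "' /></object>";
		}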
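		// Copy the submitted fields into locals for the form below and for the handler
		// after it. A field that is missing, or that arrives as an array (name[]=...),
		// becomes '' so later string comparisons and output see a plain string.
		// These values are still raw request data and must be escaped wherever they
		// are written to HTML or SQL.
		if (isset($_POST['submit'])) {
			$title = (isset($_POST['title']) && is_string($_POST['title'])) ? $_POST['title'] : '';
			$tags = (isset($_POST['tag']) && is_string($_POST['tag'])) ? $_POST['tag'] : '';
			$submit = is_string($_POST['submit']) ? $_POST['submit'] : '';
			$tipe = (isset($_POST['tipe']) && is_string($_POST['tipe'])) ? $_POST['tipe'] : '';
			$link = (isset($_POST['link']) && is_string($_POST['link'])) ? $_POST['link'] : '';
			$deskripsi = (isset($_POST['deskripsi']) && is_string($_POST['deskripsi'])) ? $_POST['deskripsi'] : '';
		}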
	?>
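	<?php
		// The form is re-rendered with the values that were just submitted. Those
		// values are request data, so each one is HTML-escaped with ENT_QUOTES before
		// it is placed inside a single-quoted value attribute. Without that, a quote
		// in the input ends the attribute and the rest is parsed as markup.
	?>
	<input type="radio" name="tipe" onclick="showSelected()" value="link" <?php if ((!isset($_POST['submit'])) || ($tipe=='link')) echo "checked"; ?> />link
	<input type="radio" name="tipe" onclick="showSelected()" value="image" <?php if ((isset($_POST['submit'])) && ($tipe=='image')) echo "checked"; ?>  />image
	<input type="radio" name="tipe" onclick="showSelected()" value="video" <?php if ((isset($_POST['submit'])) && ($tipe=='video')) echo "checked"; ?> />video <br />
	<div id="title">Judul : <input name="title" type="text" <?php if (isset($_POST['submit'])) echo "value='" . htmlspecialchars($title, ENT_QUOTES) . "'"; ?> /> <br /> </div>
	<div id="link" >Link : <input name="link" type="text" <?php if (isset($_POST['submit'])) echo "value='" . htmlspecialchars($link, ENT_QUOTES) . "'"; ?> /> <br /> </div>
	<div id="deskripsi">Deskripsi : <input name="deskripsi" type="text" <?php if (isset($_POST['submit'])) echo "value='" . htmlspecialchars($deskripsi, ENT_QUOTES) . "'"; ?>  /> <br /> </div>
	<div id="file" style="display: none">File : <input name="file" type="file"/> <br /> </div>
	<div id="tag">Tag : <input name="tag" type="text"  <?php if (isset($_POST['submit'])) echo "value='" . htmlspecialchars($tags, ENT_QUOTES) . "'"; ?> /> <br /> </div>
	<input name="submit" type="submit" value="post">
	<input name="submit" type="submit" value="preview">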
</form>
	<?php
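		/**
		 * Opens the database connection used by the submit handler.
		 *
		 * NOTE(review): the account name, password and schema are hard-coded in a
		 * web-served file. Loading them from configuration kept outside the document
		 * root would keep them out of the source.
		 *
		 * @return mysqli|false the connection, or false when connecting fails
		 */
		function postDbOpen() {
			// Make failures come back as false on every PHP version instead of exceptions.
			mysqli_report(MYSQLI_REPORT_OFF);
			return mysqli_connect("localhost", "progin", "progin", "progin_171_13509027");
		}

		/**
		 * Runs one parameterised statement. Values travel as bound parameters and
		 * are never concatenated into the SQL text.
		 *
		 * @param mysqli $db         open connection
		 * @param string $sql        statement with "?" placeholders
		 * @param string $types      mysqli type string, one letter per parameter
		 * @param array  $params     values for the placeholders, in order
		 * @param bool   $fetchFirst when true, return the first column of the first row
		 * @return mixed true/false for a plain statement; the fetched value or false
		 *               when $fetchFirst is set
		 */
		function postDbRun($db, $sql, $types, $params, $fetchFirst = false) {
			$stmt = mysqli_prepare($db, $sql);
			if (!$stmt) {
				return false;
			}
			// mysqli_stmt_bind_param() takes its values by reference.
			$args = array($stmt, $types);
			foreach ($params as $i => $unused) {
				$args[] = &$params[$i];
			}
			call_user_func_array('mysqli_stmt_bind_param', $args);
			$result = mysqli_stmt_execute($stmt);
			if ($result && $fetchFirst) {
				$value = null;
				mysqli_stmt_bind_result($stmt, $value);
				$result = mysqli_stmt_fetch($stmt) ? $value : false;
			}
			mysqli_stmt_close($stmt);
			return $result;
		}

		/**
		 * Inserts a post row, looks up its ID_post and records the author.
		 *
		 * The ID is found by selecting the newest row with the same values, as the
		 * original code did.
		 * NOTE(review): if ID_post is AUTO_INCREMENT, mysqli_insert_id() would avoid
		 * the race between two identical submissions. Confirm against the schema.
		 *
		 * @param mysqli $db        open connection
		 * @param string $insertSql INSERT with placeholders
		 * @param string $selectSql SELECT ID_post using the same placeholders
		 * @param string $types     mysqli type string shared by both statements
		 * @param array  $params    values shared by both statements
		 * @return int|false the new post's ID, or false on failure
		 */
		function postDbCreate($db, $insertSql, $selectSql, $types, $params) {
			if (!postDbRun($db, $insertSql, $types, $params)) {
				return false;
			}
			$id = postDbRun($db, $selectSql, $types, $params, true);
			if ($id === false || $id === null) {
				return false;
			}
			// The original SQL interpolated the ID unquoted, so it is handled as an integer.
			$id = (int) $id;
			// The author is still the fixed account 'user1'; the real user is not wired in yet.
			postDbRun($db, "INSERT INTO ngepost VALUES('user1', ?)", "i", array($id));
			return $id;
		}

		/**
		 * Stores the comma-separated tags of a post, with spaces removed.
		 * Empty entries ("a,,b" or a trailing comma) are skipped in every post type.
		 *
		 * @param mysqli $db   open connection
		 * @param int    $id   post ID
		 * @param string $tags raw comma-separated tag list
		 */
		function postDbSaveTags($db, $id, $tags) {
			foreach (explode(",", $tags) as $tag) {
				$tw = str_replace(" ", "", $tag);
				if ($tw != "") {
					postDbRun($db, "INSERT INTO ditag VALUES(?, ?)", "is", array($id, $tw));
				}
			}
		}

		/**
		 * Extracts the video id from a youtube.com/watch?v=... link.
		 *
		 * The id must be exactly 11 characters from [A-Za-z0-9_-]. A length check
		 * alone lets quotes and angle brackets through to the embed markup.
		 *
		 * @param mixed $link submitted link
		 * @return array array(id, null) on success, array(null, message) on failure
		 */
		function postYoutubeId($link) {
			$utube = is_string($link) ? parse_url($link) : false;
			if (!$utube) {
				return array(null, "[link bukan sebuah link]");
			}
			$host = isset($utube['host']) ? $utube['host'] : '';
			$path = isset($utube['path']) ? $utube['path'] : '';
			if ($host != 'youtube.com' || $path != '/watch') {
				return array(null, "[link bukan link youtube yang valid]");
			}
			$aquery = array();
			parse_str(isset($utube['query']) ? $utube['query'] : '', $aquery);
			$v = isset($aquery['v']) ? $aquery['v'] : '';
			if (!is_string($v) || !preg_match('/^[A-Za-z0-9_-]{11}$/D', $v)) {
				return array(null, "[link video youtube bermasalah]");
			}
			return array($v, null);
		}

		// Submit handler: validates the posted fields, then stores the post ("post")
		// or echoes a preview ("preview").
		// NOTE(review): nothing visible in this file authenticates the poster or checks
		// a CSRF token before writing to the database.
		if (isset($_POST['submit'])) {
			$error = false;
			if ($submit=='post') {
				if ($title == '') {
					echo "[title kosong]";
					$error = true;
				}
				if ($tags=='') {
					echo "[tag kosong]";
					$error = true;
				}
				if ($tipe == 'link') {
					if ($link =='') {
						echo "[link kosong]";
						$error = true;
					} else if (!isValid($link)) {
						echo "[link tidak valid]";
						$error = true;
					}
					if ($deskripsi == '') {
						echo "[deksripsi kosong]";
						$error = true;
					}
					if (!$error) {
						$db = postDbOpen();
						$id = $db ? postDbCreate(
							$db,
							"INSERT INTO post(judul, wujud, link, deskripsi) VALUES(?, 0, ?, ?)",
							"SELECT ID_post FROM post WHERE judul=? AND wujud=0 AND link=? AND deskripsi=? ORDER BY waktu DESC LIMIT 1",
							"sss",
							array($title, $link, $deskripsi)
						) : false;
						if ($id === false) {
							echo "[gagal menyimpan post]";
						} else {
							postDbSaveTags($db, $id, $tags);
						}
						if ($db) {
							mysqli_close($db);
						}
					}
				} else if ($tipe == 'image') {
					$upload = isset($_FILES["file"]) ? $_FILES["file"] : null;
					// A "file[]" field makes every entry an array; treat that as no file.
					$prob = ($upload && is_int($upload["error"])) ? $upload["error"] : UPLOAD_ERR_NO_FILE;
					$tmp = '';
					if ($prob > 0) {
						echo "[Error code : $prob]";
						$error = true;
					} else if ($upload["size"] >= 1024000) {
						echo "[file terlalu besar]";
						$error = true;
					} else {
						$tmp = $upload["tmp_name"];
						// $_FILES[...]["type"] is sent by the client and proves nothing, so
						// the format is read from the uploaded bytes instead.
						$info = is_uploaded_file($tmp) ? @getimagesize($tmp) : false;
						if (!$info || $info[2] != IMAGETYPE_JPEG) {
							echo "[file tidak berformat jpg/jpeg]";
							$error = true;
						}
					}
					if (!$error) {
						$db = postDbOpen();
						$id = $db ? postDbCreate(
							$db,
							"INSERT INTO post(judul, wujud) VALUES(?, 2)",
							"SELECT ID_post FROM post WHERE judul=? AND wujud=2 ORDER BY waktu DESC LIMIT 1",
							"s",
							array($title)
						) : false;
						if ($id === false) {
							echo "[gagal menyimpan post]";
						} else {
							// Store the image. Only a sanitised base name survives from the
							// client's file name, and the extension is fixed to .jpg, so the
							// upload cannot pick its own extension or directory.
							// NOTE(review): image/content/ should be served without script
							// execution. Confirm the web server configuration.
							$base = preg_replace('/[^A-Za-z0-9_-]/', '', pathinfo($upload["name"], PATHINFO_FILENAME));
							$imgsrc = "image/content/[" . $id  . "]" . $base . ".jpg";
							if (move_uploaded_file($tmp, $imgsrc)) {
								// Point the post at the stored file.
								postDbRun($db, "UPDATE post SET link = ? WHERE ID_post = ?", "si", array($imgsrc, $id));
							} else {
								echo "[gagal menyimpan file]";
							}
							postDbSaveTags($db, $id, $tags);
						}
						if ($db) {
							mysqli_close($db);
						}
					}
				} else if ($tipe == 'video') {
					if ($link =='') {
						echo "[link kosong]";
						$error = true;
					} else {
						// YouTube validation. Every failure sets $error, including the
						// "not a link" case, which previously fell through and stored the
						// raw value.
						list($videoId, $problem) = postYoutubeId($link);
						if ($problem !== null) {
							echo $problem;
							$error = true;
						} else {
							$link = $videoId;
						}
					}
					if (!$error) {
						$db = postDbOpen();
						$id = $db ? postDbCreate(
							$db,
							"INSERT INTO post(judul, wujud, link) VALUES(?, 1, ?)",
							"SELECT ID_post FROM post WHERE judul=? AND wujud=1 AND link=? ORDER BY waktu DESC LIMIT 1",
							"ss",
							array($title, $link)
						) : false;
						if ($id === false) {
							echo "[gagal menyimpan post]";
						} else {
							postDbSaveTags($db, $id, $tags);
						}
						if ($db) {
							mysqli_close($db);
						}
					}
				}
			} else if ($submit=='preview') {
				if ($tipe == 'link') {
					if (isValid($link)) {
						// The link and description are request data: escape them and
						// quote the href so the value cannot leave the attribute.
						$safeLink = htmlspecialchars($link, ENT_QUOTES);
						echo "<a href='" . $safeLink . "'>" . $safeLink . "</a><br />" . htmlspecialchars($deskripsi, ENT_QUOTES);
					} else {
						echo "[link tidak valid]";
					}
				} else if ($tipe =='image') {
					echo "[no preview for image]";
				} else if ($tipe =='video') {
					list($videoId, $problem) = postYoutubeId($link);
					if ($problem !== null) {
						echo $problem;
						$error = true;
					} else {
						echo showUtube($videoId);
					}
				}
			}
		}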
	?>
</body>
</html>